Status
Not open for further replies.

· Registered
Joined
·
3 Posts
Discussion Starter · #1 ·
Something happened to my computer today. I keep getting these pop-ups for virus scanners, scholarships, loans, etc. The pop-ups are ridiculous, but I hope to prevent that from happening again.
I have attached the files requested for support. Thanks for your help.


DDS (Version 1.0) - NTFSx86
Run by Noel at 20:57:02.57 on Fri 11/21/2008
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.858 [GMT -6:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\WMP54GS Wireless Network Monitor\WLService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Noel\Local Settings\Temp\snapsnet\dPI191065.exe
C:\WINDOWS\system32\prunnet.exe
C:\WINDOWS\Explorer.EXE
c:\windows\system32\dwwnw64r.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\bm9lbA\command.exe
C:\WINDOWS\system32\rcntosdl.exe
C:\WINDOWS\system32\dPI19\dPI191065.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\AnyTrial.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WMP54GS Wireless Network Monitor\WMP54G.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Documents and Settings\Noel\Desktop\dds.scr
C:\WINDOWS\System32\wbem\wmiprvse.exe

============== Psuedo HJT Report ===============

uStart Page = hxxp://my2.freeze.com/?AcquisitionID=0b52b2df-08da-4c15-88df-585300065356&s=&ipc=
BHO: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll
BHO: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {647C543D-5501-4F23-A0D9-FF4E35A2E47C} - c:\windows\system32\tuvULbYR.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} - c:\windows\mpcodecplg.dll
BHO: {e1d71409-2429-4e5f-a3c8-252ac88952fa} - c:\windows\system32\qpgczu.dll
TB: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [prunnet] "c:\windows\system32\prunnet.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [CTHelper] CTHELPER.EXE
mRun: [SBDrvDet] c:\program files\creative\sb drive det\SBDrvDet.exe /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [BugSoft AnyTrial] c:\program files\slysoft\anydvd\AnyTrialControl.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [iTunesHelper] "c:\program files\itunes7.5\iTunesHelper.exe"
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [prunnet] "c:\windows\system32\prunnet.exe"
mRun: [{50-0C-CB-B9-DW}] c:\windows\system32\dwwnw64r.exe DWmmm01FF
mRun: [ExploreUpdSched] c:\windows\system32\rcntosdl.exe DWmmm01FF
mRun: [28050c16] rundll32.exe "c:\windows\system32\jlbbywms.dll",b
mRunOnce: [Give4Free Uninstall] c:\docume~1\noel\locals~1\temp\uninstall.exe UAF
StartupFolder: c:\docume~1\noel\startm~1\programs\startup\anapod~1.lnk - c:\program files\red chair software\anapod explorer\anamgr.exe
StartupFolder: c:\docume~1\noel\startm~1\programs\startup\deewoo.lnk - c:\windows\system32\rcntosdl.exe
StartupFolder: c:\docume~1\noel\startm~1\programs\startup\deskto~1.lnk - c:\program files\research in motion\blackberry\DesktopMgr.exe
StartupFolder: c:\docume~1\noel\startm~1\programs\startup\dw_start.lnk - c:\windows\system32\dwwnw64r.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\deskto~1.lnk - c:\program files\research in motion\blackberry\DesktopMgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Notify: efcCtqqR - efcCtqqR.dll
AppInit_DLLs: qpgczu.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {73259091-9574-4ED8-A40F-7F65AFC28634} - c:\windows\system32\efcCtqqR.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\tuvULbYR

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2008-11-21 20:43 250 a------- c:\windows\gmer.ini
2008-11-21 20:39 129,024 a------- c:\windows\system32\wsqyhiwe.dll
2008-11-21 20:39 129,024 a------- c:\windows\system32\qpgczu.dll
2008-11-21 20:39 72,704 a------- c:\windows\system32\jlbbywms.dll
2008-11-21 20:39 1,641,321 ---sh--- c:\windows\system32\smwybblj.ini
2008-11-21 20:20 <DIR> --d----- c:\program files\Trend Micro
2008-11-21 19:10 129,024 a------- c:\windows\system32\ywgztf.dll
2008-11-21 19:10 129,024 a------- c:\windows\system32\soexucxy.dll
2008-11-21 19:09 <DIR> --d----- c:\docume~1\noel\applic~1\IUpd721
2008-11-21 19:07 1,641,321 ---sh--- c:\windows\system32\isotmcrj.ini
2008-11-21 19:07 72,704 -------- c:\windows\system32\jrcmtosi.dll
2008-11-21 19:04 26,112 a------- c:\windows\system32\geBqNgec.dll
2008-11-21 19:04 26,112 a------- c:\windows\system32\byXPIyWM.dll
2008-11-21 19:04 <DIR> --d----- c:\windows\system32\dPI19
2008-11-21 19:04 <DIR> --d----- c:\docume~1\noel\applic~1\NI.GSCNS
2008-11-21 18:58 887,178 a--sh--- c:\windows\system32\RYbLUvut.ini2
2008-11-21 18:58 892,714 a--sh--- c:\windows\system32\RYbLUvut.ini
2008-11-21 18:58 318,464 -------- c:\windows\system32\tuvULbYR.dll
2008-11-21 18:54 861 a------- c:\windows\system32\winpfz33.sys
2008-11-21 18:53 21 a------- c:\windows\system32\zxdnt3d.cfg
2008-11-21 18:53 687,592 a------- c:\windows\system32\atmtd.dll._
2008-11-21 18:53 687,592 a------- c:\windows\system32\atmtd.dll
2008-11-21 18:53 548,928 a------- c:\windows\system32\rcntosdl.exe
2008-11-21 18:53 153,484 a------- c:\windows\system32\g62.exe
2008-11-21 18:53 1,989 a------- c:\windows\uninstall_nmon.vbs
2008-11-21 18:53 <DIR> --d----- c:\program files\Network Monitor
2008-11-21 18:53 <DIR> --dsh--- c:\windows\bm9lbA
2008-11-21 18:53 <DIR> --d----- c:\temp\tn3
2008-11-21 18:53 <DIR> --d----- c:\program files\webHancer
2008-11-21 18:53 200,709 a------- c:\windows\system32\dwwnw64r.exe
2008-11-21 18:53 0 a------- c:\windows\system32\drivers\core.cache.dsk
2008-11-21 18:53 86,272 a------- c:\windows\system32\drivers\CTOSS9XX.sys
2008-11-21 18:53 172 a------- c:\windows\system32\msnav32.ax
2008-11-21 18:53 <DIR> --d----- c:\temp\FT62
2008-11-21 18:52 <DIR> --d----- c:\temp\1cb
2008-11-21 18:52 <DIR> --d----- c:\windows\system32\x4
2008-11-21 18:52 <DIR> --d----- c:\windows\system32\mp
2008-11-21 18:52 <DIR> --d----- c:\windows\system32\ID2
2008-11-21 18:52 <DIR> --d----- c:\windows\system32\gp2
2008-11-21 18:52 <DIR> --d----- c:\windows\system32\dim
2008-11-21 18:52 <DIR> --d----- C:\Temp
2008-11-21 18:52 26,112 a------- c:\windows\system32\geBrrQjI.dll
2008-11-21 18:52 115,016 a------- c:\windows\system32\MSINET.OCX
2008-11-21 18:52 26,112 a------- c:\windows\system32\efcCtqqR.dll
2008-11-21 18:52 38,400 a------- c:\windows\system32\prunnet.exe
2008-11-20 13:11 <DIR> --d----- c:\docume~1\noel\applic~1\Red Chair Software
2008-11-20 13:11 <DIR> --d----- c:\program files\Red Chair Software
2008-11-18 19:40 <DIR> --d----- c:\program files\common files\Macrovision Shared
2008-11-18 19:39 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Rosetta Stone
2008-11-18 19:39 <DIR> --d----- c:\program files\Rosetta Stone
2008-11-18 19:16 <DIR> --d----- c:\program files\PowerISO
2008-11-15 00:29 13,312 a------- c:\windows\ODBCAD32.EXE
2008-11-15 00:29 11,536 a------- c:\windows\ODBCCP32.CPL
2008-11-15 00:29 <DIR> --d----- C:\EBook
2008-11-15 00:07 <DIR> --d----- c:\program files\common files\SWF Studio
2008-11-15 00:07 <DIR> --d-h--- c:\program files\Give4Free Plugin
2008-11-15 00:07 <DIR> --d----- c:\program files\Matrix Code Screensaver
2008-11-12 14:37 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 14:37 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll
2008-10-24 09:37 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll

==================== Find3M ====================

2008-11-21 20:43 <DIR> --d----- c:\docume~1\noel\applic~1\Vso
2008-11-21 18:59 <DIR> --d----- c:\docume~1\noel\applic~1\uTorrent
2008-11-20 03:44 325,120 a------- c:\windows\system32\ajlcmsegoepbezjh.dll
2008-10-23 15:29 <DIR> --d----- c:\docume~1\noel\applic~1\LimeWire
2008-10-22 21:22 <DIR> --d----- c:\program files\LimeWire
2008-10-05 21:03 <DIR> --d----- c:\docume~1\alluse~1\applic~1\1Click DVD Copy Pro
2008-09-30 20:13 <DIR> --d----- c:\program files\VSO
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-28 04:49 <DIR> --d----- c:\program files\Messenger
2008-09-28 04:48 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-09-28 04:42 <DIR> --d----- c:\program files\Windows NT
2008-09-15 06:12 1,846,400 a------- c:\windows\system32\win32k.sys
2008-09-09 19:14 1,307,648 a------- c:\windows\system32\msxml6.dll
2008-09-04 11:15 1,106,944 a------- c:\windows\system32\msxml3.dll
2008-08-26 01:24 826,368 a------- c:\windows\system32\wininet.dll
2008-08-17 21:59 <DIR> --d----- c:\docume~1\noel\applic~1\iPhoneRingToneMaker
2008-05-14 20:42 <DIR> --d----- c:\docume~1\alluse~1\applic~1\FunGames
2008-05-09 19:40 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Rabio
2008-05-09 19:39 <DIR> --d----- c:\docume~1\noel\applic~1\WeatherBug
2008-04-11 16:36 <DIR> --d----- c:\docume~1\noel\applic~1\Computer Aces
2008-04-08 20:03 <DIR> --d----- c:\docume~1\alluse~1\applic~1\1Click DVD Copy
2008-02-03 23:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\vsosdk
2008-01-24 12:48 <DIR> --d----- c:\docume~1\noel\applic~1\Research In Motion
2008-01-13 00:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SlySoft
2008-01-10 15:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\WEBREG
2008-02-22 14:07 15,872 a--sh--- c:\windows\AnyTrial.exe
2005-08-02 16:46 187,904 a--shr-- c:\windows\bm9lba\asappsrv.dll
2005-08-02 16:58 293,888 a--shr-- c:\windows\bm9lba\command.exe
2005-07-29 16:24 472 a--shr-- c:\windows\bm9lba\vA65vE.vbs

============= FINISH: 20:58:46.54 ===============
 


· Registered
Joined
·
3 Posts
Discussion Starter · #2 · (Edited)
Can no one help? I have pop-ups for holdaysavings.com and rebaterating.com... Please help.

Here is my HiJackThis.log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:09 PM, on 11/21/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WMP54GS Wireless Network Monitor\WLService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Noel\Local Settings\Temp\snapsnet\dPI191065.exe
C:\WINDOWS\system32\prunnet.exe
c:\windows\system32\dwwnw64r.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\bm9lbA\command.exe
C:\WINDOWS\system32\rcntosdl.exe
C:\WINDOWS\system32\dPI19\dPI191065.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\AnyTrial.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WMP54GS Wireless Network Monitor\WMP54G.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my2.freeze.com/?AcquisitionID=0b52b2df-08da-4c15-88df-585300065356&s=&ipc=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BugSoft AnyTrial] C:\Program Files\SlySoft\AnyDVD\AnyTrialControl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes7.5\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - HKLM\..\Run: [{50-0C-CB-B9-DW}] c:\windows\system32\dwwnw64r.exe DWmmm01FF
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\rcntosdl.exe DWmmm01FF
O4 - HKLM\..\Run: [28050c16] rundll32.exe "C:\WINDOWS\system32\jlbbywms.dll",b
O4 - HKLM\..\RunOnce: [Give4Free Uninstall] C:\DOCUME~1\Noel\LOCALS~1\Temp\uninstall.exe UAF
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - Startup: Anapod Manager.lnk = C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\rcntosdl.exe
O4 - Startup: Desktop Manager.lnk = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\dwwnw64r.exe
O4 - Global Startup: Desktop Manager.lnk = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinner.com/games/v49/luxor/luxor.cab
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - http://www.worldwinner.com/games/v67/swapit/swapit.cab
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - http://www.worldwinner.com/games/v50/dinerdash/dinerdash.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} (WWSpades Control) - http://www.worldwinner.com/games/v47/wwspades/wwspades.cab
O20 - AppInit_DLLs: qpgczu.dll
O23 - Service: BugSoft AnyTrial (AnyTrial) - Dr.Pc Putte Corp ;) - C:\WINDOWS\AnyTrial.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\bm9lbA\command.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: WMP54GSVC - GEMTEKS - C:\Program Files\WMP54GS Wireless Network Monitor\WLService.exe

--
End of file - 11066 bytes
 

· TSF Security Manager, Emeritus
Joined
·
42,952 Posts
Hello needcomputerfix,

If you still require assistance, please run a new scan with dds and post a fresh dds.txt and we'll get started.
 
